Merge branch 'develop' into fix/lose-admin-access

2 years ago · f573b8c533
11 changed files with 25521 additions and 11048 deletions
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@ -25,7 +25,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -70,7 +70,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -115,7 +115,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -160,7 +160,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -205,7 +205,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -250,7 +250,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -295,7 +295,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -340,7 +340,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -385,7 +385,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -430,7 +430,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -475,7 +475,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
@ -520,7 +520,7 @@ jobs:
            - name: Setup Node
              uses: actions/setup-node@v1
              with:
-                  node-version: 16
+                  node-version: 16.15.0
            - name: Checkout
              uses: actions/checkout@v2
              with:
--- a/package-lock.json
+++ b/package-lock.json
--- a/packages/nc-gui/package-lock.json
+++ b/packages/nc-gui/package-lock.json
--- a/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/formulav2/formulaQueryBuilderv2.ts
+++ b/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/formulav2/formulaQueryBuilderv2.ts
@ -627,7 +627,7 @@ export default async function formulaQueryBuilderv2(
            }
            return query;
          })
-          .join()})${colAlias}`
+          .join()})${colAlias}`.replace(/\?/g, '\\?')
      );
    } else if (pt.type === 'Literal') {
      return knex.raw(`?${colAlias}`, [pt.value]);
--- a/packages/nocodb/src/lib/meta/NcMetaMgr.ts
+++ b/packages/nocodb/src/lib/meta/NcMetaMgr.ts
@ -4551,7 +4551,9 @@ export default class NcMetaMgr {
          'Access-Control-Expose-Headers': 'nc-export-offset',
          'nc-export-offset': csvData.offset,
          'nc-export-elapsed-time': csvData.elapsed,
-          'Content-Disposition': `attachment; filename="${args.args.model_name}-export.csv"`
+          'Content-Disposition': `attachment; filename="${encodeURI(
            args.args.model_name
          )}-export.csv"`
        });
        res.send(csvData.data);
      }
--- a/packages/nocodb/src/lib/meta/api/dataApis/dataAliasExportApis.ts
+++ b/packages/nocodb/src/lib/meta/api/dataApis/dataAliasExportApis.ts
@ -15,7 +15,9 @@ async function csvDataExport(req: Request, res: Response) {
    'Access-Control-Expose-Headers': 'nc-export-offset',
    'nc-export-offset': offset,
    'nc-export-elapsed-time': elapsed,
-    'Content-Disposition': `attachment; filename="${view.title}-export.csv"`
+    'Content-Disposition': `attachment; filename="${encodeURI(
      view.title
    )}-export.csv"`
  });
  res.send(data);
 }
--- a/packages/nocodb/src/lib/meta/api/exportApis.ts
+++ b/packages/nocodb/src/lib/meta/api/exportApis.ts
@ -11,7 +11,9 @@ async function exportCsv(req: Request, res: Response) {
    'Access-Control-Expose-Headers': 'nc-export-offset',
    'nc-export-offset': offset,
    'nc-export-elapsed-time': elapsed,
-    'Content-Disposition': `attachment; filename="${view.title}-export.csv"`
+    'Content-Disposition': `attachment; filename="${encodeURI(
      view.title
    )}-export.csv"`
  });
  res.send(data);
 }
--- a/packages/nocodb/src/lib/meta/api/publicApis/publicDataExportApis.ts
+++ b/packages/nocodb/src/lib/meta/api/publicApis/publicDataExportApis.ts
@ -122,7 +122,9 @@ async function exportCsv(req: Request, res: Response) {
    'Access-Control-Expose-Headers': 'nc-export-offset',
    'nc-export-offset': offset,
    'nc-export-elapsed-time': elapsed,
-    'Content-Disposition': `attachment; filename="${view.title}-export.csv"`
+    'Content-Disposition': `attachment; filename="${encodeURI(
      view.title
    )}-export.csv"`
  });
  res.send(data);
 }
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
@ -284,7 +284,8 @@ async function passwordChange(req: Request<any, any>, res): Promise<any> {
  await User.update(user.id, {
    salt,
-    password
+    password,
    email: user.email
  });
  Audit.insert({
@ -324,12 +325,13 @@ async function passwordForgot(req: Request<any, any>, res): Promise<any> {
            (req as any).ncSiteUrl
          }/api/v1/db/auth/password/reset/${token}.`,
          html: ejs.render(template, {
-            resetLink: (req as any).ncSiteUrl + `/api/v1/db/auth/password/reset/${token}`
+            resetLink:
              (req as any).ncSiteUrl + `/api/v1/db/auth/password/reset/${token}`
          })
        })
      );
    } catch (e) {
-      console.log(e)
+      console.log(e);
      return NcError.badRequest(
        'Email Plugin is not found. Please contact administrators to configure it in App Store first.'
      );
@ -343,9 +345,7 @@ async function passwordForgot(req: Request<any, any>, res): Promise<any> {
      ip: (req as any).clientIp
    });
  } else {
-    return NcError.badRequest(
+    return NcError.badRequest('Your email has not been registered.');
      'Your email has not been registered.'
    );
  }
  res.json({ msg: 'Please check your email to reset the password' });
 }
--- a/packages/nocodb/src/lib/models/User.ts
+++ b/packages/nocodb/src/lib/models/User.ts
@ -74,23 +74,23 @@ export default class User implements UserType {
      'roles'
    ]);
    // get existing cache
-    let key = `${CacheScope.USER}:${id}`;
+    const keys = [
-    let o = await NocoCache.get(key, CacheGetType.TYPE_OBJECT);
+      // update user:<id>
-    if (o) {
+      `${CacheScope.USER}:${id}`,
-      o = { ...o, ...updateObj };
+      // update user:<email>
-      // set cache
+      `${CacheScope.USER}:${user.email}`
-      await NocoCache.set(key, o);
+    ];
-      {
+    for (const key of keys) {
-        // update user:<email>
+      let o = await NocoCache.get(key, CacheGetType.TYPE_OBJECT);
-        key = `${CacheScope.USER}:${o.email}`;
+      if (o) {
-        o = await NocoCache.get(key, CacheGetType.TYPE_OBJECT);
+        o = { ...o, ...updateObj };
-        if (o) {
+        // set cache
-          o = { ...o, ...updateObj };
+        await NocoCache.set(key, o);
          // set cache
          await NocoCache.set(key, o);
        }
      }
    }
    // as <projectId> is unknown, delete user:<email>___<projectId> in cache
    await NocoCache.delAll(CacheScope.USER, `${user.email}___*`);
    // set meta
    return await ncMeta.metaUpdate(null, null, MetaTable.USERS, updateObj, id);
  }
--- a/scripts/cypress/integration/test/explicitLogin.js
+++ b/scripts/cypress/integration/test/explicitLogin.js
@ -10,7 +10,6 @@ export const genTest = (apiType, dbType) => {
        before(() => {
            // loginPage.loginAndOpenProject(apiType, dbType);
            // open a table to work on views
            //
            // cy.openTableTab('City');
        });